SpoofCheck

disneyplus.com email security: SPF, DKIM & DMARC

Is disneyplus.com spoofable? See disneyplus.com's SPF, DKIM, DMARC and MTA-STS records and find out if this domain is protected against email spoofing.

Last updated: June 3, 2026

32D
This domain is vulnerable to spoofing

SPF

Missing

No record found

Read the guide

DKIM

Missing

No record found

Read the guide

DMARC

Warning
v=DMARC1; p=quarantine; rua=mailto:dmarc_agg@dmarc.250ok.net, mailto:dmarc_rua@emaildefense.proofpoint.com; ruf=mailto:dmarc_ruf@emaildefense.proofpoint.com; fo=1; pct=100; rf=afrf
Read the guide

MX

OK
disneyplus-com.mail.protection.outlook.com

MTA-STS

Missing

No record found

Read the guide

Recommendations

  1. 1Upgrade your DMARC policy from p=quarantine to p=reject for full blocking

    With p=quarantine, spoofed emails are sent to spam instead of being blocked outright. Some recipients still check spam folders, and sophisticated attacks can be flagged as legitimate by users. p=reject ensures fraudulent emails never reach any folder.

  2. 2Add an SPF record: yourdomain TXT "v=spf1 include:yourprovider -all"

    SPF tells receiving servers which IP addresses are allowed to send email for your domain. Without it, any server in the world can send emails appearing to come from you. Adding SPF with -all (hardfail) means unauthorized senders will be rejected.

  3. 3Enable DKIM in your email provider and add the public key to your DNS zone

    DKIM adds a cryptographic signature to your emails, proving they haven't been tampered with in transit and genuinely originated from your domain. Without it, attackers can forge emails that pass basic checks, and your legitimate emails are more likely to land in spam.

  4. 4Add MTA-STS to enforce TLS encryption for incoming emails

    Without MTA-STS, an attacker performing a man-in-the-middle attack can downgrade the connection between mail servers to plaintext, intercepting emails in transit. MTA-STS tells sending servers to only deliver via TLS with a valid certificate, preventing downgrade attacks.

Need help securing your domain?

If you're not sure how to apply these fixes, get in touch and we'll help you out.

Contact us

Run a live analysis

The results above are updated daily. For an instant check of disneyplus.com, run a live analysis.

Analyze disneyplus.com live

Frequently asked questions about disneyplus.com

Is disneyplus.com spoofable?

Yes. disneyplus.com does not enforce a strong DMARC policy, so attackers may be able to send emails that appear to come from disneyplus.com. Email security score: 32/100 (grade D).

Does disneyplus.com have an SPF record?

No SPF record was found for disneyplus.com, which makes it easier to spoof.

What is disneyplus.com's DMARC record?

disneyplus.com publishes a DMARC record (_dmarc.disneyplus.com) with a p=quarantine policy.

Does disneyplus.com use DKIM?

No common DKIM selector was detected for disneyplus.com among those checked.

Want to test another domain? Run a free email spoofing test.

Guides to understand these results

SPF Guide

Understand how SPF defines which servers are authorized to send emails for a domain.

DKIM Guide

Discover how DKIM cryptographically signs your emails to guarantee their authenticity.

DMARC Guide

Learn how DMARC orchestrates SPF and DKIM to protect your domain.

MTA-STS Guide

Learn how MTA-STS enforces TLS encryption to protect your emails in transit.

SPF vs DKIM vs DMARC

Compare the three protocols and understand how they work together.

Check other domains

max.comparamountplus.comcanalplus.commycanal.frdeezer.comsoundcloud.com